How To Allow access to certain websites by IP Address in ISA Server 2004

This information might help:  When accessing a website via IP, I get the following error:  

Technical Information (for support personnel)
Error Code: 502 Proxy Error. The host server is unreachable. (10065)
IP Address: 199.232.150.242
Date: 5/10/2006 3:53:08 PM
Server: proxy.mysite.com
Source: proxy

If anyone cares to test, that IP address does have a website configured for it, however, I can not reach it using a client configured to go through the proxy server.

I'm on it.

Browntech Document Management

I use isa2006 so I will try again shortly with ISA2004

How many addresses are there Bjorn?

about 80 addresses

Ah. Don't want to be typing THOSE in individually then :)

Well, I already did that when I set up a new network with those IPs specified.  I also have the list in a file, so if there's a handy VB script for importing, I could grab them from there.

Just as an aside, error 502 is Bad Gateway; not site cannot be reached.

That is the error as I got it.  I did look up this error and did run into bad gateway, and could find very little information about the host server unreachable error.  i did run into this site:

http://www.mcse.ms/archive99-2005-4-1581247.html

But it does not have a solution, only duplicating the problem I have currently.  Is it difficult to export all of the information for ISA 2004 and try out 2006 beta?

Its not something I would do on a whim Bjorn to be honest. Lets see what we can do with this first. Let me see what I can find.

http://support.microsoft.com/?kbid=894483

and this one

http://support.microsoft.com/?kbid=915045

I checked out both KB articles and I don' thave any filtering set for signatures using the HTTP filter.  I did some more mucking around though.  There was a site that users needed to access at http://www.waynecountylandrecords.com/.  When i had the list of IP's specified as a network list, even thought I had the list set to allow communication, that site would not work, it would return the same error as above about the host not being reachable.  The reason for this was that I had the IP for http://www.waynecountylandrecords.com/ in my IP list.  Once I took that address out, I can browse to that site just fine.  Maybe rather then a different network, the IPs need to be set up as Computers?

Setting them up as computers work.  It'll just take a while to do the data entry.  Thanks again!

Well done yourself. It helps sometimes just to have the conversation. Grateful for the points but I think you can chalk that one as a success to yourself !!

Regards
Keith
ISA MCT

The IT staff of One is always grateful for another person to ask the right questions.

LOL. We're always here Bjorn. Ask anytime. I have well over 100 ISA installations now so have come across most scenario's. Some of the following may be of help to you in the future.

Regards
keith

http://www.microsoft.com/isaserver/techinfo/guidance/2004/default.mspx
http://www.isaserver.org/articles/2004tunnelportrange.html
http://support.microsoft.com/default.aspx?kbid=837834&product=isas2004
http://www.microsoft.com/technet/prodtechnol/isa/2004/plan/faq-urldomainnamesets.mspx
http://support.microsoft.com/?kbid=916106
http://www.microsoft.com/technet/prodtechnol/isa/2004/plan/ipsecvpn.mspx

For anyone else wanting help creating a Computer Set from a script, rather then entering in 80 IP's by hand, check out http://www.isascripts.org/ for a bunch of helpful scripts for admins who value their wrists.